Polymorphic Protocols for Fighting Bots

Authors

  • August See University of Hamburg

DOI:

https://doi.org/10.14279/tuj.eceasst.80.1157

Abstract

Web Robots (bots) that automate communication with a service on the Internet via their API are efficient and easy to scale. A large number of bots leads to significant losses for providers and can frustrate users of social media, games or online stores. Existing solutions such as CAPTCHAs or complex registrations either frustrate users or are easy to circumvent. Current solutions that make it difficult to create bots are only effective for the first bot. Once the first bot is created, it can be easily duplicated to build an army of bots. This paper presents an approach inspired by polymorphic malware and censorship resistance to change this. Each client that communicates with a service does so by using its own application protocol that is syntactically different but not semantically. Thus, a bot creator is forced to either find a way to automatically extract the whole application protocol from a client or to reverse engineer a new protocol for each bot that is created.

Downloads

Published

2021-09-08

How to Cite

[1]
A. See, “Polymorphic Protocols for Fighting Bots”, eceasst, vol. 80, Sep. 2021.

Issue

Vol. 80 (2021): Conference on Networked Systems 2021 (NetSys 2021)

Section

Articles

License

Copyright (c) 2021 Electronic Communications of the EASST

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.